A special thank you to Shane Young of SharePoint 911 for helping me find this article and pointing me in the right direction.

I discovered the initial problem of search not working shortly after I implemented CBA (Claims Based Authentication) and that led me down many incorrect paths until Shane pointed out the key problem was that my query component in the search services page of the SharePoint 2010 Central Admin was stuck on "Initializing". This is what led to Søren Nielsen's blog and the eventual discovery of the root issue being that my SharePoint 2010 machine was not a member of a domain. My additions will be noted by a complete line of red text with asterisks ****below.

An excerpt below from Søren Nielsen's blog post sums up the problem of why search will not work on a machine that is not joined to a domain. I disc

The Trouble with Search

Search will fail with a number of errors and in the search administration the Query Component will remain stuck in the initializing state:

The other bunch of event log errors etc. is listed at the end of this post for the benefit of Google.

As far as I can conjecture the problem is that the timer service is trying to setup a network share for every query component where the crawlers can dump their data. It is trying to setup that share with a domain account that happens to be a local user instead in this case and fails with either an "Access Denied" error or a "System.ArgumentException: The SDDL string contains an invalid SID or a SID that cannot be translated".

The share name it's trying to use is the same as the query role, i.e. "Guid-query-0" pointing to (if using default locations) "C:\program files\Microsoft Office Servers\14.0\Data\Office Server\Applications" with change permissions for the "WSS_WPG" group.

Unfortunately it does not help to just create the share for it; apparently the query components insist on waiting for the timer job to complete successfully.

The Search Fix

The fix is fairly simple and almost completed by Gary Lapointe whom I owe great thanks for doing most of the hard work in his post on scripting the Enterprise Search installation and the comments below his post (thanks to Marco van Wieren).

The fix is simply to create and configure all the enterprise search components from PowerShell as it allows you to set a few more options, specifically the share name for the query components so that you are then allowed to create them yourself.

The script was originally made for configuring search components across an entire farm and therefore a bit more complicated than it strictly has to be. I left it in there while adding support for single server install as well. Gary's script was made for beta 2 and I've fixed a few simple errors/typos, corrected the few API changes between beta 2 and RTM and finally added the share name support.

The script is quite long and not suitable for pasting into a blog – download instead.

****I have actually changed the script to execute the function when run. If you would like to use my script for an out of the box solution it can be downloaded here:****

The Share Name (here "SearchShare") will be created by the script as well, so whatever you call it doesn't matter

The config file shown can be reused on every machine provided that the local service account "saservice" has been created before

To continue and complete step 5 in the procedure above (sorry for the numbering wordpress is messing up the html):

Start PowerShell shell (I will load the SharePoint snapin if it's not a SharePoint Management Shell)

Load the "SetupEnterpriseSearch.ps1" script (just drag the file into the shell and execute) which will define the required functions

Execute "Start-EnterpriseSearch "<path>\searchconfig.xml""

Wait for a few minutes and watch for errors

Go to the Search Administration and verify that your new search topology works

It should look something like this:

If you configured search in step 4 you will have two

If you have two you can safely go back to "Manage service applications" and delete the one named "Search Service Application 1" (and associated databases) – the one created by the script is "Enterprise Search Service Application"

Try it! Go to a local SharePoint site and search for something

Before the search would return a server error 500 so anything else than that can be considered a success

I like to add a few documents and have them show up in the search before I call it a success…

****I have made alterations to the steps above if you are using my altered files where the powershell script calls the function inside of it.****

The config file name in my script is spsearchconfig.xml and it is referenced in 2 places in the SetupEnterpriseSearch.ps1 PowerShell script

09/07/2010

If you are about to embark on the long journey down the road of a SharePoint 2007 upgrade there are a few items you may want to consider before making the attempt.

After attending the Microsoft SharePoint Conference in 2009 I was filled with optimism as it was clearly demonstrated that Microsoft had been listening to its users and IT professionals deploying SharePoint 2007. There were numerous demonstrations and assurance given that the upgrade process would be much smoother if not painless than it was with SharePoint 2007. One of the major changes was that SharePoint 2010 would operate only on a 64-bit system, an improvement I am willing to accept. After hearing this I felt confident that my upgrade would go smoothly as I had already anticipated this when installing SharePoint 2007 in our environments on 64-bit capable systems with the latest SQL Server 2008 64-bit edition.

End result. Massive failure. After 2 days of tinkering I determined that an in place upgrade was not going to work and a new installation would be necessary. Both processes will be detailed below but to save you some time I would skip directly to the new installation method.

System must be 64-bit

Backup all DB's and take a snapshot of the VM if you are fortunate enough to have it running in a VM.

Do not attempt an in place upgrade – this will almost certainly fail. I was glad I had my SP 2007 install in a VM and could snapshot before attempting this

If you are using Forms Based Authentication, throw out your configs and read up on Claims Based Authentication. I will explain more below.

A

New Naming Scheme

The comic below illustrates this point pretty succinctly.

There will be no more WSS or MOSS but in fact it will now be known as just SharePoint Server 2010

WSS (Windows SharePoint Services) has now become STS (SharePoint Team Services)

In Place Upgrade of SharePoint 2007

Here is the rundown of my environment so we can get those questions out of the way.

Running in a Hyper-V image

Windows Server 2008 R2 x64

SQL Server 2008 R2 x64

SharePoint 2007 successfully installed and patched to SP2

FBA setup and running from local FBA DB

SharePoint Search successfully setup and running

2 sites setup in SP 2007 with local and public facing entry points

New Installation Upgrade of SharePoint 2007

Enter Claims Based Authentication

If you were used to the old FBA (Forms Based Authentication) in the past making use of a custom database that contained users and roles then prepare to make the jump into Claims Based Authentication. In SharePoint 2007 SharePoint did not have its own authentication engine. Instead SP 2007 running FBA would pass the authentication token off to the custom DB, decode the password hash, if the value of the entered password and the decoded password matched return an

08/05/2010

I am reposting this article as it proved very useful when trying to enable anonymous access to an FBA based SharePoint site I recently setup. This was originally posted at Max Yermakhanov's Blog

SharePoint public-facing website and Microsoft Office documents

When you have a public-facing site built using SharePoint technologies, opening Microsoft Office documents (Word, Excel, PowerPoint, Visio, etc.) stored on this website requires user to login. You can hit Cancel at the login prompt and still be able to see the document, but having a login prompt displayed to the Internet users, sort of defeats the purpose of having SharePoint-built public facing website with anonymous access turned on. This happens because Microsoft Office is closely integrated with MOSS or WSS 3.0 now, and MS Office is now able to recognize that the document is stored within SharePoint, so the appropriate SharePoint authentication/authorization tools kick in. This problem can be resolved mostly by implementing two simple steps (assuming you have already enabled anonymous access on SharePoint):

I ran into an interesting problem today where I had a SharePoint site setup with anonymous access permissions and I was getting reports that users could not download XLSX files from this site. After doing some digging I found that Excel Services for SharePoint was trying to launch the document as the default application instead of Excel from the desktop. This site showed me how to disable this functionality for XLSX files.

03/08/2010

I have been working with SharePoint for a few months now in all sorts of different configurations:

Domain connected server with Active Directory Authentication (AD)

Domain connected server with Forms Based Authentication (FBA)

Workgroup connected server with Active Directory Authentication (AD)

Workgroup connected server with Forms Based Authentication (FBA)

Most of the experimentation was going well until I was deploying a custom webpart. The webpart was working fine when the server was accessed via the machine name URL: http://MACHINENAME. However when I set up an Alternate Access Mapping (AAM), nothing worked.

Finally I stumbled across a great article that was referred to me by one of our developers about a nice registry key called "BackConnectionHostNames"

I am going to repeat the steps below in case the link is broken but this is what finally made AAM work in my configuration.

There are two possible methods for a server application to work around this change. The recommended approach is to map the host name used in the request URL to the BackConnectionHostNames key in the registry on the server. The BackConnectionHostNames registry key is normally used to map a host name to a loopback address. To specify the host names that are mapped to the loopback address and can connect to Web sites on a local computer, follow these steps:

1. Click Start, click Run, type regedit, and then click OK.

2. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

3. Right-click MSV1_0, point to New, and then click Multi-String Value.

4. Type BackConnectionHostNames, and then press ENTER.

5. Right-click BackConnectionHostNames, and then click Modify.

6. In the Value data box, type the host name or the host names for the sites (the host name used in the request URL) that are on the local computer, and then click OK. In our case it would be www.test.com.

7. Quit Registry Editor, and then restart the IISAdmin service and run IISReset.

A less secure work around is to disable the loop back check, as described in this article. This disables the protection against reflection attacks. So it is better to constrain the set of alternate names to only those you expect the machine to actually use.

This article was reposted from the IIS Team Blog from original poster Amit Sharma

NOTE: To create a simple Test Web-Site running on some different port. Also add a hostname to the site as www.test.com and add an entry for it in your Host file (located at C:\Windows\System32\drivers\etc). Add a simple asp page in this Test Web Site which displays the current time. This is great if you need to run a demo machine off network that requires a webserver.
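The registry steps above can also be scripted. The following PowerShell is an added example, not code from the reposted article: it merges host names into BackConnectionHostNames without dropping existing entries and warns if the machine-wide loopback check has been switched off. The host name list is the article's sample value, and the DisableLoopbackCheck value name is the standard one under the Lsa key rather than something stated on this page.

```powershell
# Added example, not part of the reposted article. Run from an elevated prompt.
# 'www.test.com' is the article's sample name; list the host names from your
# Alternate Access Mappings instead.
$HostNames = @('www.test.com')

$LsaKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$Msv1Key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$Name    = 'BackConnectionHostNames'

# Keep whatever is already listed so other sites on this server keep working.
$existing = @()
$prop = Get-ItemProperty -Path $Msv1Key -Name $Name -ErrorAction SilentlyContinue
if ($prop) { $existing = @($prop.$Name | Where-Object { $_ }) }

# -notcontains compares case-insensitively, which matches how host names behave.
$merged = @($existing)
foreach ($h in $HostNames) {
    if ($merged -notcontains $h) { $merged += $h }
}

# Write the value as REG_MULTI_SZ (one host name per entry). -Force replaces
# an existing value of the same name.
New-ItemProperty -Path $Msv1Key -Name $Name -PropertyType MultiString `
    -Value ([string[]]$merged) -Force | Out-Null

# Flag the broader workaround if it was applied earlier: a value of 1 turns the
# loopback check off for every name, so the allow-list above would add nothing.
$loop = Get-ItemProperty -Path $LsaKey -Name DisableLoopbackCheck -ErrorAction SilentlyContinue
if ($loop -and $loop.DisableLoopbackCheck -eq 1) {
    Write-Warning 'DisableLoopbackCheck = 1: loopback protection is disabled machine-wide.'
}

# Show the stored list, then restart IIS as the steps above describe.
(Get-ItemProperty -Path $Msv1Key -Name $Name).$Name
if (Get-Service -Name IISADMIN -ErrorAction SilentlyContinue) {
    Restart-Service -Name IISADMIN -Force
}
iisreset
```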

03/04/2010

Recently Windows has made great improvements in the FTP server that integrates with IIS. In Windows Server 2008 and Server 2008 R2, IIS 7 now has a new FTP Server 7.5. This can be installed from a download if you are using Windows Server 2008 or added as a role service if you are using Windows Server 2008 R2.

This is all well and good except there is a big "gotcha" in working with passive mode FTP.

An excerpt from "How to Configure Windows Firewall for a Passive Mode FTP Server"

Using the File Transfer Protocol (FTP) service on a server behind a firewall creates a set of challenges because of the way FTP works. A standard mode FTP client initiates a session to a server by opening a "command channel" connection to TCP port number 21. A file transfer is requested by the client by sending a PORT command to the server. The server then attempts to initiate a "data channel" connection back to the client on TCP port number 20. A typical firewall running on the client sees this data channel connection request from the server as unsolicited and drops the packets, causing the file transfer to fail. Windows Firewall with Advanced Security in Windows Vista and Windows Server 2008 supports stateful FTP, which allows it to match inbound connection requests on port 20 with previous outbound PORT commands from the client. However, if you use FTP over SSL to encrypt and secure the FTP traffic, then the firewall can no longer inspect the inbound connection requests from the server, and they are blocked.

To avoid this issue, FTP also supports a "passive" operational mode in which the client initiates the data channel connection. Instead of using the PORT command, the client sends a PASV command on the command channel. The server responds with the TCP port number to which the client should connect to establish the data channel. By default, the server uses an available port in the ephemeral range (1025 through 5000). To better secure the server, you can restrict the port range used by the FTP service, and then create a firewall rule that allows FTP traffic on only those allowed port numbers.

So as you can see, the communication initiates on port 21 but then a "data channel" is set up on port 20, which is where your communication is probably getting blocked.

Follow the steps in the link below to enable Windows Firewall to allow this data channel communication through.
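The passive-mode hardening described in the excerpt (restrict the data-channel port range, then allow only that range through the firewall) looks like this in practice. This is an added example, not code from the quoted Microsoft article; the port range 50000-50100 and the rule names are sample values, and the PASV reply at the end is constructed to show how the server's reply encodes the data port.

```powershell
# Added example, not from the quoted article. Run elevated on the FTP server.
# The port range and rule names are sample values chosen for this example.
$Low  = 50000
$High = 50100

# 1. Limit the passive data channel to a fixed range (server-wide FTP setting).
& "$env:windir\System32\inetsrv\appcmd.exe" set config `
    "/section:system.ftpServer/firewallSupport" `
    "/lowDataChannelPort:$Low" "/highDataChannelPort:$High"

# 2. Allow the command channel and only that data range through Windows Firewall.
netsh advfirewall firewall add rule name=FTP-Command-In dir=in action=allow protocol=TCP localport=21
netsh advfirewall firewall add rule name=FTP-Passive-Data-In dir=in action=allow protocol=TCP "localport=$Low-$High"

# 3. Restart the FTP service so the new range takes effect.
Restart-Service -Name ftpsvc

# 4. Check a PASV reply against the range. The reply carries the address and
#    port as six decimal bytes: (h1,h2,h3,h4,p1,p2), with port = p1 * 256 + p2.
function Test-PasvReply {
    param([string]$Reply, [int]$Low, [int]$High)
    if ($Reply -notmatch '^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)') {
        throw "Not a 227 passive-mode reply: $Reply"
    }
    $port = [int]$Matches[5] * 256 + [int]$Matches[6]
    New-Object PSObject -Property @{
        Address = '{0}.{1}.{2}.{3}' -f $Matches[1], $Matches[2], $Matches[3], $Matches[4]
        Port    = $port
        InRange = ($port -ge $Low -and $port -le $High)
    }
}

# Constructed sample reply; 192.0.2.10 is a documentation address.
Test-PasvReply -Reply '227 Entering Passive Mode (192,0,2,10,195,80)' -Low $Low -High $High
```

If a client reports a port outside the configured range, the FTP service has not picked up the new setting or a device in between is rewriting the reply.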

03/03/2010

After banging my head bloody and several ice packs later here is how I did it.

So I read through the Avast support sites and did not come up with much but here is the process by which I was able to get this to work.

Please read all steps before starting as I may have put my notes in the install items not in the order that the installers ask for this information.

Install SQL Server 2008 (I used enterprise but I am sure that this will work with SQL 2008 Express as long as you change the default instance from SQLEXPRESS to MSSQLSERVER).

Ignore the warning that "this version cannot be started" and choose "run anyway". Windows Server 2008 will complain that the SQL Server install does not contain SP1. You can go through the trouble of creating a slipstream install if you want (TFS and SharePoint crowds, you know what I am talking about) or you can just choose run anyway and it will run fine.

Use "new server standalone" option.

Install with default options and use the default instance of MSSQLSERVER. A quick note, when referencing this instance in any other interface, IE Avast ADNM install, use SERVERNAME\MSSQLSERVER

If you installed SQL Server 2008 Express edition or even SQL Server 2005 Express edition you should change the instance from SERVERNAME\SQLEXPRESS to SERVERNAME\MSSQLSERVER. You could probably leave it as SERVERNAME\SQLEXPRESS (the SQL Express default install instance) if you wanted but remember you will have to reference it that way in the install.

Make sure you install the SQL Server Management Studio so you can login with this utility to troubleshoot what is going on with your install

Set all services to start as "Automatic" . NOTE: If you are installing SQL Server 2008 Express, the agent cannot automatically start and it will not even if you try to force it.

Set the service to a known user. I created a domain user in our AD, IE DOMAIN\mssqlservice. You probably are fine with using the network service user but make sure you set them all the same. You can change them later in the Windows Server 2008 services manager if you need.

I also add the current user, MACHINENAME\Administrators, DOMAIN\Domain Admins. This way if you add users to either the local machine or domain administrator groups they will still have access to the SQL server.

Install using "MIXED MODE" authentication. This is what I do anyway as it gives you a backdoor if your Windows Authentication becomes corrupt. This will create the following

User: sa

Password: <whatever you set the password to>

You can then login without specifying a machine name

Sit back for a bit and let SQL Server 2008 install its stuff.

Install SQL Server 2008 SP1

Again you will get the error that "this version cannot be started" and choose "run anyway" again.

Pretty basic stuff here, make sure it picks up on your correct instance which should be SERVERNAME\MSSQLSERVER or SERVERNAME\SQLEXPRESS, depending on which naming you chose.

When the install completes make sure that you run Windows Update to catch anything additional

Login to the DB to make sure your user sa username/password works. Do this by starting the SQL Management studio and use the "Mixed Mode" login.

Once successfully logged in go to Security\Logins and make sure the SA user is listed and open the properties on the user and make sure that Login is ENABLED under "STATUS". This will make sure that the user can login. By proof if you are successfully able to login to the SQL Server Management Studio with the user SA, then this should already be enabled.

Choose the defaults on the install and choose to install the mirror server (MUCH easier to do it during the install than afterwards).

When it comes time to choose where the DB will be installed fill it out like this

Server: SERVERNAME NOTE: If you used an instance other than MSSQLSERVER then enter it like this SERVERNAME\INSTANCENAME IE SERVERNAME\SQLEXPRESS

User: sa

Password: <whatever you set the password to>

Avast will tell you when you click "next" if it can connect to the server or not. If it does not connect go to the services console on your server and make sure the MSSQLSERVER is started and running and try again. If you are on a domain you may need to give the full name of your server IE SERVERNAME.domain.local

At this point the installer should be running and it will kick off the mirror server installation tasks in a DOS box. Sit back for a bit and let it download all the VPUs

When the install is done click finish. There may be a prompt complaining the ADNM service could not start, if so click OK and ignore the log windows and close them.

Delete the databases by hand, DON'T USE THE AMS MAINTENANCE TOOL!!!!! It only seems to understand SQL Server 2000 DB formats and is therefore useless (NOTE TO AVAST STAFF, may want to fix this in your installer)

Your MDF and LDF files may be in different locations based on your installation of SQL Server (Enterprise or Express) or edition (x64 or x86). Either way search for the filenames and you should find them.

I know it sounds crazy, why delete a DB the installer just created and I am not sure what the answer is but this works.

Lastly go to the Computer Manager on your system and open the SERVICES section and start the avast! Management Server manually.

Start up the Avast! ADNM Console

Click "detect servers" it may or may not come up with your server. If it does not appear type it in by hand, IE SERVERNAME, SERVERNAME\INSTANCENAME, SERVERNAME\SQLEXPRESS, SERVERNAME.domain.local, etc.

BIG GOTCHA HERE!!!!!! The default login is Administrator with the password "admin" the document

Direct from their docs that load up on this screen:

The default username is Administrator, and the default password is admin. We strongly encourage all users to change the password as soon as possible after logging on to the server, because leaving the password set to its default value leaves the system open to unauthorized access.

Username: Administrator

Password: admin

As soon as you login click on "Users" and then click on "Administrators" and create a new user as well as change the password on the Administrator account

That's it. You can work yourself through the rest of the Admin guide to customize the "Discovery Tasks" , "Create deployment packages" and "Setup deployment groups".

I hope this helps anyone that struggled with this install. You can install on Windows Server 2008 x64 and SQL Server 2008 x64 with a little perseverance

01/11/2010

Peel a banana from the bottom and you won't have to pick the little 'stringy things' off of it. That's how the primates do it.

Take your bananas apart when you get home from the store. If you leave them connected at the stem, they ripen faster.

Store your opened chunks of cheese in aluminum foil. It will stay fresh much longer and not mold!

Peppers with 3 bumps on the bottom are sweeter and better for eating. Peppers with 4 bumps on the bottom are firmer and better for cooking.

Add a teaspoon of water when frying ground beef. It will help pull the grease away from the meat while cooking.

To really make scrambled eggs or omelettes rich add a couple of spoonfuls of sour cream, cream cheese, or heavy cream in and then beat them up.

For a cool brownie treat, make brownies as directed. Melt chocolate mint patties in double broiler and pour over warm brownies. Let set for a wonderful minty frosting.

Add garlic immediately to a recipe if you want a light taste of garlic and at the end of the recipe if you want a stronger taste of garlic.

Reheat Pizza

Heat up leftover pizza in a nonstick skillet on top of the stove, set heat to med-low and heat till warm. This keeps the crust crispy. No soggy micro pizza. I saw this on the cooking channel and it really works.

To warm biscuits, pancakes, or muffins that were refrigerated, place them in a microwave with a cup of water. The increased moisture will keep the food moist and help it reheat faster.

Newspaper weeds away

Start putting in your plants, work the nutrients in your soil. Wet newspapers, put layers around the plants overlapping as you go cover with mulch and forget about weeds. Weeds will get through some gardening plastic they will not get through wet newspapers.

Broken Glass

Use a wet cotton ball or Q-tip to pick up the small shards of glass you can't see easily.

Flexible vacuum

To get something out of a heat register or under the fridge, add an empty paper towel roll or empty gift wrap roll to your vacuum. It can be bent or flattened to get in narrow openings.

Reducing Static Cling

Pin a small safety pin to the seam of your slip and you will not have a clingy skirt or dress. Same thing works with slacks that cling when wearing panty hose. Place pin in seam of slacks and.. At DA!... Static is gone.

Measuring Cups

Before you pour sticky substances into a measuring cup, fill with hot water. Dump out the hot water, but don't dry cup. Next, add your ingredient, such as peanut butter, and watch how easily it comes right out.

Foggy Windshield?

Hate foggy windshields? Buy a chalkboard eraser and keep it in the glove box of your car. When the windows fog, rub with the eraser! Works better than a cloth!

Reopening envelope

If you seal an envelope and then realize you forgot to include something inside, just place your sealed envelope in the freezer for an hour or two. Voilà! It unseals easily.

Conditioner

Use your hair conditioner to shave your legs. It's cheaper than shaving cream and leaves your legs really smooth. It's also a great way to use up the conditioner you bought but didn't like when you tried it in your hair.( Bet ya really like this one, don't ya ? )

Get Rid of Ants

Put small piles of cornmeal where you see ants. They eat it, take it 'home,' can't digest it so it kills them. It may take a week or so, especially if it rains, but it works and you don't have the worry about pets or small children being harmed!

INFO ABOUT CLOTHES DRYERS

The heating unit went out on my dryer! The gentleman that fixes things around the house for us told us that he wanted to show us something and he went over to the dryer and pulled out the lint filter. It was clean. (I always clean the lint from the filter after every load clothes.) He told us that he wanted to show us something else; he took the filter over to the sink and ran hot water over it. The lint filter is made of a mesh material... I'm sure you know what your dryer's lint filter looks like. Well ...the hot water just sat on top of the mesh! It didn't go through it at all! He told us that dryer sheets cause a film over that mesh that's what burns out the heating unit. You can't SEE the film, but it's there. It's what is in the dryer sheets to make your clothes soft and static free... that nice fragrance too. You know how they can feel waxy when you take them out of the box...well this stuff builds up on your clothes and on your lint screen. This is also what causes dryer units to potentially burn your house down with it! He said the best way to keep your dryer working for a very long time (and to keep your electric bill lower) is to take that filter out and wash it with hot soapy water and an old toothbrush (or other brush) at least every six months. He said that makes the life of the dryer at least twice as long!

Note: I went to my dryer and tested my screen by running water on it. The water ran through a little bit but mostly collected all the water in the mesh screen. I washed it with warm soapy water and a nylon brush and I had it done in 30 seconds. Then when I rinsed it, the water ran right through the screen! There wasn't any puddling at all! That repairman knew what he was talking about!

12/03/2009

There is often times a misunderstanding when I am discussing the feature of Windward products with clients in regards to Windward's use of Microsoft SQL Server. I am here to clear a few things up.

Windward Products that make use of Microsoft SQL Server: These products can all make connections to Microsoft SQL Servers and retrieve data from them to be used in reports.

.NET Engine

Java Engine

AutoTag

AutoTag Max

Arrow

Windward Products that make use of Microsoft SQL Server for storing Windward specific data key to the operation of Windward products:

AutoTag Max

Arrow

Windward needs an SQL Server to maintain a database for the scheduler program that accompanies AutoTag Max.

Windward Arrow requires the same database for its scheduler but since Arrow is a 3rd party web part add in to Microsoft SharePoint (either WSS 3.0 or MOSS 2007), then this is almost never an issue as Microsoft SharePoint needs an SQL Server before it can be installed.

AutoTag Max has a feature in its installer to detect if an existing SQL Server is installed on the target system.

If an existing SQL Server is not found then the bootstrapper in the installer will download and install Microsoft SQL Server Express.

Microsoft SQL Server Express is a free version of a lightweight SQL Server offered by Microsoft. It is not a full version and performs the basic need of providing AutoTag Max with a small database to store report scheduling information.

Windward products can connect to multiple databases in a single report. These data connections are used for retrieving data for your report and not for storing Windward specific product information.

Windward supports connecting to several other datasources that are not SQL based.

XML files, via local path, UNC path or URL. Also with or without a schema file reference via local file or URL.

Microsoft Excel: CSV, XLS, XLSB , XLSM and XLSX

Microsoft Access: MDB and ACCDB

Microsoft SharePoint Lists via OleDB

Windward SQL Schema. This is a schema file that is generated from the Windward Engine that a DB administrator can then remove tables that are not needed in order to make accessing the database and loading the tree structure significantly faster.

Windward also supports a datasource API allowing a user to write a custom datasource connection that can communicate with Windward.

As you can see Windward has the ability to connect to almost any datasource. Only a few products store Windward specific information and thus require a small, free, lightweight Microsoft SQL Server Express database.